Reputation: 11
Is there a way to insert "obfuscatd" text into MySql, so I can't read what my users store inside it?
I have a very simple table made of few fields, some of which I want to be non-readable by human eyes. By "readable" I mean I'd like to be able to open the database with any admin tool (such as PhpMyadmin) and see these fields as made of gibberish/protected text.
I'll try to reformulate: is there a way to avoid a client's comment such as "but you are in charge of the website and the databse, so you can read all its contents!". Think of private data, messages, etc. Stuff that people don't like to be "read" by anyone, not even the website admin of course.
What's the best approach to manage the database without accessing every shingle text info?
Note: the database must be accessible via PHP, which needs to run the usual SQL INSERT, SQL SELECT, ... queries.
Upvotes: 1
Views: 66
Answers (3)
Reputation: 6202
If the issue is that the user does not trust the server environment with data, the ONLY solution that will work is to encrypt the data before it gets to the server environment. You don't specify what this data is or what the use cases are or who needs to access it, but there are ways to accomplish client-side encryption with something like:
Other viable options are discussed in this SO question
Upvotes: 1
Reputation: 2130
If your clients are not trusting you to not read their data, you've got a problem there. This is not a technical problem, but a social one. Of course, you can encrypt their data (or even just a base64 encode) to make it not casually readable, but at some point the data has to be decryptable in order to be useful to them.
A one-way encryption (hash) is not useful here, as you need to be able to recover the original content. A fixed encryption key will not do the job, as you would be able to read content at will. Perhaps the client's password could be used as a key to encrypt the data, so that only they know the key that was used? Whenever they change their password, the data will have to be de-encrypted with the old password and re-encrypted with the new. And if they ever forget their password and need a new one generated, the encrypted data will be useless.
Upvotes: 3
Reputation: 485
Take a look at the reference manual of MySQL, there's many functions you can use for encrypt/decrypt.
MySQL reference manual: Encryption and compression functions
Upvotes: 0
Related Questions
- Can I hash / encrypt a database TEXT column?
- Encrypt a text into the database
- PHP hiding content from mysql
- Storing user data in database with out Escaping
- Can I obfuscate the SQL code in MySQL?
- PHP - Storing Text in MySQL Database
- How to insert malicious code text into database
- How to store data in db so that nobody with access to it can understand it?
- Obfuscate a mysql query result for a string
- Is it possible to pass a variable to php without the users 'seeing it'?